5
>
CDWG.com | 800.808.4239
Protection Schemes
e growing complexity of security
is forcing many entities and IT leaders
to re-examine the way they approach
security. According to Ponemon Institute,
90 percent of senior staff say that their
organization has dealt with a data breach
and half say that they expect more data
breaches and breakdowns in the future.
e average cost of a data breach
is now $214 per record and about
$7.2 million per incident, the research
organization reports. Meanwhile,
Symantec reports that it processes more
than 1.5 billion security alerts daily.
In recent months, attacks, takedowns
and break-ins have escalated. Major
U.S. financial institutions have faced
blistering attacks, several high-profile
organizations have endured serious
security breaches that have revealed
sensitive customer data, and government
systems have been breached by
attackers and gangs with IP addresses
security CTO in the security business
practice at Symantec. " ere is an
entire criminal ecosystem at work."
Coping with this new normal
is no easy task. Developing an
effective strategy and putting strong
protections in place is paramount.
Today, there's a growing need for a
more comprehensive approach to
security, including defense in depth.
Enterprise security requirements
are changing and evolving, threats
are becoming more sophisticated and
the damage caused by an attack is
more severe. In a worst-case scenario,
the damage can be so pronounced
that survival is in question.
Today, organizations must focus
heavily on four primary areas of defense
in depth: gateway and networks,
servers, applications and client security.
But they must also take a more
integrated and data-centric approach
to operations and protecting assets.
originating from outside the U.S.
"Many organizations have done
the bare minimum and don't believe
that they are a real target," states
Jonathan Gossels, president and CEO
of SystemExperts, a Sudbury, Mass.
security risk analysis consulting firm.
e heart of the problem, security
experts say, is that practices haven't
kept up with hackers and thieves,
who continually devise new and
more sophisticated ways to attack
networks and steal data. In addition,
many breakdowns occur because
of lax or poor internal processes.
Workers may eschew rules and
procedures or simply not know that
what they are doing can add to risk.
For instance, a staffer may paste
sensitive data into an email or instant
message. Or a mobile worker may
forego a passlock on a smartphone
or tablet. If it's lost, the finder has
unfettered access to the device.